The following are required:
· The three (or more) Component Holders (two Authorising Officers plus at least one other Component Holder), who are to generate the three (or more) sets of components. (The two Authorising Officers must be present whenever the HSM is to be set into the Authorised state).
· The HSM Console.
· Access to a single HSM.
· At least 6 formatted blank Smartcards (up to 12 can be used). 6 cards provide two copies of three sets of components, 12 cards provide four copies of three sets. Note that new cards are supplied un-formatted. Use the FC command to format or re-format the cards.
· Labels for identifying the Smartcards.
· A log to record the LMK check values that are used to verify the contents of each Smartcard at a later date. If the HSM is configured in Password mode and the two Passwords are entered by the Authorising Officers (i.e., not automatically created by the HSM and stored electronically), the two Passwords must be also recorded in the log.
· The two keys for the cam locks.
The results of the process with three Component Holders and two copies of the Smartcards are three Smartcard sets as follows:
· Smartcard set 1, consisting of one original Smartcard plus one duplicate (contains Component Set 1 (and, if applicable, Password 1)).
· Smartcard set 2, consisting of one original Smartcard plus one duplicate (contains Component Set 2 (and, if applicable, Password 2)).
· Smartcard set 3, consisting of one original Smartcard plus one duplicate (contains Component Set 3).
The Secret Values must each be 16 random characters, and can contain any hexadecimal characters (0-9, A-F).
Note that during the process of creating an LMK component set a number of values (Secret Values A and B and Value C) can be either entered manually or randomly generated by the HSM; if the values are entered manually and written down for storage, it is possible to subsequently re-create the LMK components even if the Smartcards are not available. Therefore the recorded values must be MORE SECURELY STORED than the Smartcards.